A method and system for generating a wireless router digital certificate
Technical field
The invention belongs to the technical field of network security and, more particularly, relates to a method and system for generating a wireless router digital certificate.
Background art
Authenticating network access with a digital certificate is a good way to prevent a network from being used without authorization. However, when a wireless router serves multiple terminal devices and all of them use the same digital certificate, the certificate is easily leaked: once it has been stolen by an unapproved terminal device, other unapproved terminal devices can also use it to access the network, and network security is reduced.
The patent with publication number CN108040358A discloses a wireless network connection method, a terminal device and a storage medium. The method includes: upon receiving a predetermined instruction, performing a full-channel scan to obtain parameter information of the scanned wireless networks, the parameter information including at least one of the following: the signal strength of the wireless network, the channel utilization of the channel on which the wireless network operates, and the number of wireless devices connected on that channel; obtaining the overall performance of each scanned wireless network from the scanned parameter information; taking the wireless network with the highest overall performance as the target wireless network and initiating a connection request to it; and establishing the wireless network connection once the password has been verified as correct.
With this method, a connection request is sent to the target wireless network and the device is connected after the correct wireless network password is entered. The method does not use a digital certificate for network-access verification and cannot assign each terminal device its own digital certificate, so the security level is low and the password is easily leaked and stolen.
Compared with the prior art, the present invention scrambles the MAC address of the terminal device, the device type code information and the current time information into a character string, thereby generating a digital certificate for each terminal device. Network access is verified with this device-specific digital certificate, which also prevents leakage of digital certificate information and improves the security of the network.
Summary of the invention
In view of the above disadvantages of the prior art and the need for improvement, the present invention provides a method and system for generating a wireless router digital certificate. Its purpose is to generate a digital certificate for each terminal device, prevent leakage of digital certificate information and improve the security of the network, thereby solving the technical problem that digital certificates in the prior art are easily leaked.
To achieve the above object, the present invention provides a method for generating a wireless router digital certificate, comprising the steps of:
S1. receiving the MAC address and device type code information sent by a terminal device, and obtaining current time information;
S2. scrambling the obtained MAC address, device type code information and current time information to randomly generate a digital certificate;
S3. returning the generated digital certificate to the terminal device.
Further, before step S2, the method also comprises the step of:
storing the obtained MAC address and establishing a MAC address linked list.
Further, after step S2, the method also comprises the step of:
storing the generated digital certificate at the address pointed to by the corresponding MAC address in the MAC address linked list.
Further, step S3 specifically comprises the step of:
encrypting the generated digital certificate with a private key and then returning it to the terminal device.
Further, after step S3, the method also comprises the step of:
sending a digital certificate verification request to the terminal device, verifying the digital certificate information returned by the terminal device and, after the digital certificate information passes verification, opening network permission to the terminal device.
Correspondingly, a system for generating a wireless router digital certificate is also provided, comprising:
a receiving module, for receiving the MAC address and device type code information sent by a terminal device;
an obtaining module, for obtaining current time information;
a generation module, for scrambling the obtained MAC address, device type code information and current time information to randomly generate a digital certificate;
a return module, for returning the generated digital certificate to the terminal device.
Further, the system also comprises:
a storage module, for storing the obtained MAC address;
an establishing module, for establishing a MAC address linked list from the obtained MAC address.
Further, the system also comprises:
a storage module, for storing the generated digital certificate at the address pointed to by the corresponding MAC address in the MAC address linked list.
Further, the system also comprises:
an encryption module, for encrypting the generated digital certificate with a private key.
Further, the system also comprises:
a sending module, for sending a digital certificate verification request to the terminal device;
a verification module, for verifying the digital certificate information returned by the terminal device.
Compared with the prior art, the present invention has the following advantages:
By scrambling the MAC address of the terminal device, the device type code information and the current time information into a character string, a digital certificate is generated for each terminal device, leakage of digital certificate information is prevented, and the security of the network is improved.
Brief description of the drawings
Fig. 1 is a flow chart of the method for generating a wireless router digital certificate provided by embodiment one;
Fig. 2 is a structure diagram of the system for generating a wireless router digital certificate provided by embodiment one;
Fig. 3 is a flow chart of the method for generating a wireless router digital certificate provided by embodiment two;
Fig. 4 is a structure diagram of the system for generating a wireless router digital certificate provided by embodiment two.
Specific embodiments
The technical solution of the present invention is further described below through specific embodiments in conjunction with the accompanying drawings; however, the present invention is not limited to these embodiments.
Embodiment one
This embodiment provides a method for generating a wireless router digital certificate which, as shown in Fig. 1, comprises the steps of:
S11. receiving the MAC address and device type code information sent by a terminal device, and obtaining current time information;
S12. scrambling the obtained MAC address, device type code information and current time information to randomly generate a digital certificate;
S13. returning the generated digital certificate to the terminal device.
When a terminal device connects to the wireless router for the first time, after confirmation by the wireless router administrator, the terminal device sends its MAC address and device type code information to the wireless router. While receiving the MAC address and device type code information sent by the terminal device, the wireless router obtains the current time information and then uses a random function to scramble the characters of the obtained terminal device MAC address, device type code information and current time information, generating a random character string. This character string is the identification code of the digital certificate. Because the digital certificate is generated by scrambling the character order of the terminal device MAC address, device type code information and current time information, and because each terminal device has a different device type code and MAC address and sends its device information to the wireless router at a different time, the digital certificate identification code generated for each terminal device is different, which avoids identical digital certificates.
After generating the terminal device's own digital certificate, the wireless router needs to install this digital certificate on the terminal device, so it returns the generated digital certificate to the terminal device.
Further, before step S12, the method also comprises the step of:
storing the obtained MAC address and establishing a MAC address linked list.
After receiving the MAC address sent by the terminal device and before generating the digital certificate, the wireless router needs to create, from the MAC address of the terminal device, a linked list that stores terminal device MAC addresses, for use in storing the generated digital certificate.
Further, after step S12, the method also comprises the step of:
storing the generated digital certificate at the address pointed to by the corresponding MAC address in the MAC address linked list.
After the wireless router scrambles the obtained MAC address, device type code information and current time information and randomly generates the terminal device's own digital certificate, it stores the generated digital certificate under the corresponding terminal device MAC address in the MAC address linked list already created. Each node of the linked list, that is, each terminal device MAC address, thus points to the storage path of the corresponding digital certificate.
Further, step S13 specifically comprises the step of:
encrypting the generated digital certificate with a private key and then returning it to the terminal device.
Communication between the wireless router and the terminal device is encrypted with a public and private key pair in order to ensure that the communication is secure. When a confidential file is sent, the sender encrypts the data with the private key and the recipient decrypts it with the public key. In this way the information reaches its destination safely and on time; even if it is intercepted by a third party, it cannot be decrypted for lack of the corresponding public key.
Therefore, after generating the digital certificate, the wireless router encrypts it with the private key and then returns it to the terminal device. The terminal device can decrypt the information sent by the wireless router with the corresponding public key and finally obtains the digital certificate information.
Correspondingly, a system for generating a wireless router digital certificate is also provided which, as shown in Fig. 2, comprises:
a receiving module 11, for receiving the MAC address and device type code information sent by a terminal device;
an obtaining module 12, for obtaining current time information;
a generation module 13, for scrambling the obtained MAC address, device type code information and current time information to randomly generate a digital certificate;
a return module 14, for returning the generated digital certificate to the terminal device.
The receiving module 11 receives the MAC address and device type code information sent by the terminal device and sends them to the generation module 13. While the receiving module 11 receives the MAC address and device type code information sent by the terminal device, the obtaining module 12 obtains the current time information and sends it to the generation module 13. The generation module 13 scrambles the obtained MAC address, device type code information and current time information with a random function, randomly generates the digital certificate and sends it to the return module 14, which returns the generated digital certificate to the terminal device.
Further, the system also comprises:
a storage module 15, for storing the obtained MAC address;
an establishing module 16, for establishing a MAC address linked list from the obtained MAC address.
After receiving the MAC address and device type code information sent by the terminal device, the receiving module 11 sends the MAC address of the terminal device to the storage module 15, which stores the obtained MAC address; the establishing module 16 then establishes the MAC address linked list from the obtained MAC address.
Further, the system also comprises:
a storage module 15, for storing the generated digital certificate at the address pointed to by the corresponding MAC address in the MAC address linked list.
After the generation module 13 scrambles the obtained MAC address, device type code information and current time information with a random function and randomly generates the digital certificate, it sends the generated digital certificate to the storage module 15, which stores the generated digital certificate under the corresponding MAC address in the MAC address linked list.
Further, the system also comprises:
an encryption module 17, for encrypting the generated digital certificate with a private key.
After the generation module 13 scrambles the obtained MAC address, device type code information and current time information with a random function and randomly generates the digital certificate, the encryption module 17 encrypts the generated digital certificate, and the return module 14 then returns the encrypted digital certificate to the terminal device.
In this embodiment, by scrambling the MAC address of the terminal device, the device type code information and the current time information into a character string, a digital certificate is generated for each terminal device, leakage of digital certificate information is prevented, and the security of the network is improved.
Embodiment two
This embodiment provides a method for generating a wireless router digital certificate which, as shown in Fig. 3, comprises the steps of:
S21. receiving the MAC address and device type code information sent by a terminal device, and obtaining current time information;
S22. scrambling the obtained MAC address, device type code information and current time information to randomly generate a digital certificate;
S23. returning the generated digital certificate to the terminal device.
Further, before step S22, the method also comprises the step of:
storing the obtained MAC address and establishing a MAC address linked list.
Further, after step S22, the method also comprises the step of:
storing the generated digital certificate at the address pointed to by the corresponding MAC address in the MAC address linked list.
Further, step S23 specifically comprises the step of:
encrypting the generated digital certificate with a private key and then returning it to the terminal device.
Further, after step S23, the method also comprises the step of:
sending a digital certificate verification request to the terminal device, verifying the digital certificate information returned by the terminal device and, after the digital certificate information passes verification, opening network permission to the terminal device.
The difference from embodiment one is that, after step S23, the method also comprises the step of:
sending a digital certificate verification request to the terminal device, verifying the digital certificate information returned by the terminal device and, after the digital certificate information passes verification, opening network permission to the terminal device.
On later connections, after the terminal device has established a connection with the wireless router using the SSID and the corresponding password, the wireless router sends a digital certificate verification request to the terminal device, and the terminal device replies with the corresponding verification information. On receiving this reply, the system looks up the corresponding digital certificate by the MAC address in the MAC address linked list and checks the verification information against it. After verification passes, network permission is opened to the terminal device that passed verification.
For example, where the digital certificate consists of 48 characters, the wireless router may send a verification request to the terminal device asking to verify randomly chosen characters of the digital certificate, such as requiring the terminal device to return characters 10 to 16 of the digital certificate. When the wireless router finds that the returned characters match the characters at the corresponding positions of the stored digital certificate, verification is correct and the wireless router opens network permission to the terminal device.
Compared with embodiment one, this embodiment has the following advantage:
A terminal device requesting network access is verified against its digital certificate information, and only a terminal device that passes verification is granted network permission, which further improves the security of the network connection.
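The generation steps (S21 to S23, with storage keyed by MAC address) and the position-based verification described above can be sketched as follows. This is an added example, not code from the patent; the function names, the 8-character device type code, the timestamp format, the 7-character challenge window and the use of a dictionary in place of the MAC address linked list are all assumptions, and the private-key encryption step is left out.

```python
import hmac
import secrets
from datetime import datetime, timezone

_rng = secrets.SystemRandom()  # OS CSPRNG; the text only says "random function"
cert_store = {}                # MAC -> certificate; a dict stands in for the linked list


def normalize_mac(mac):
    """Return the MAC as 12 uppercase hex characters, or raise ValueError."""
    digits = mac.replace(":", "").replace("-", "").upper()
    if len(digits) != 12 or any(c not in "0123456789ABCDEF" for c in digits):
        raise ValueError("invalid MAC address: %r" % (mac,))
    return digits


def generate_certificate(mac, device_type_code, now=None):
    """Shuffle MAC + device type code + current time into one string and store it."""
    key = normalize_mac(mac)
    now = now or datetime.now(timezone.utc)
    chars = list(key + device_type_code + now.strftime("%Y%m%d%H%M%S"))
    _rng.shuffle(chars)
    cert_store[key] = "".join(chars)  # stored under the device's MAC address
    return cert_store[key]


def make_challenge(mac, width=7):
    """Choose a random window of character positions (1-based, inclusive)."""
    cert = cert_store[normalize_mac(mac)]
    start = _rng.randrange(1, len(cert) - width + 2)
    return start, start + width - 1


def verify_response(mac, challenge, response):
    """Compare the returned characters with the stored ones in constant time."""
    try:
        cert = cert_store[normalize_mac(mac)]
    except (KeyError, ValueError):
        return False  # unknown or malformed MAC: no network permission
    first, last = challenge
    return hmac.compare_digest(cert[first - 1:last].encode(), response.encode())


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    mac = "AA:BB:CC:00:11:22"
    cert = generate_certificate(mac, "TYPE0001")
    first, last = make_challenge(mac)
    print(cert, (first, last), verify_response(mac, (first, last), cert[first - 1:last]))
```

Every character of the resulting string comes from the MAC address, the device type code and the issue time, so the only secret it carries is the character order; that is why the sketch draws the shuffle from the operating system's CSPRNG.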
Correspondingly, a system for generating a wireless router digital certificate is also provided which, as shown in Fig. 4, comprises:
a receiving module 21, for receiving the MAC address and device type code information sent by a terminal device;
an obtaining module 22, for obtaining current time information;
a generation module 23, for scrambling the obtained MAC address, device type code information and current time information to randomly generate a digital certificate;
a return module 24, for returning the generated digital certificate to the terminal device.
Further, the system also comprises:
a storage module 25, for storing the obtained MAC address;
an establishing module 26, for establishing a MAC address linked list from the obtained MAC address.
Further, the system also comprises:
a storage module 25, for storing the generated digital certificate at the address pointed to by the corresponding MAC address in the MAC address linked list.
Further, the system also comprises:
an encryption module 27, for encrypting the generated digital certificate with a private key.
Further, the system also comprises:
a sending module 28, for sending a digital certificate verification request to the terminal device;
a verification module 29, for verifying the digital certificate information returned by the terminal device.
The difference from embodiment one is that the system also comprises the sending module 28 and the verification module 29.
The sending module 28 sends a digital certificate verification request to the terminal device. After the terminal device replies with verification information, the verification module 29 verifies the digital certificate information returned by the terminal device and, after verification passes, network permission is opened to the terminal device.
A terminal device requesting network access is verified against its digital certificate information, and only a terminal device that passes verification is granted network permission, which further improves the security of the network connection.
The specific embodiments described herein merely illustrate the spirit of the invention. Those skilled in the art to which the invention belongs may make various modifications or additions to the described embodiments, or substitute them in a similar manner, without departing from the spirit of the invention or going beyond the scope defined by the appended claims.